Executive Summary
This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
| Summary | |
|---|---|
| Title | Mozilla Products: Multiple vulnerabilities |
| Informations | |||
|---|---|---|---|
| Name | GLSA-201504-01 | First vendor Publication | 2015-04-07 |
| Vendor | Gentoo | Last vendor Modification | 2015-04-07 |
| Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 10 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Synopsis Multiple vulnerabilities have been found in Mozilla Firefox, Thunderbird, and SeaMonkey, the worst of which may allow user-assisted execution of arbitrary code. Background Description Impact Workaround Resolution All firefox-bin users should upgrade to the latest version: All thunderbird users should upgrade to the latest version: All thunderbird-bin users should upgrade to the latest version: All seamonkey users should upgrade to the latest version: All seamonkey-bin users should upgrade to the latest version: All nspr users should upgrade to the latest version: References Availability https://security.gentoo.org/glsa/201504-01 |
Original Source
| Url : http://security.gentoo.org/glsa/glsa-201504-01.xml |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 20 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 10 % | CWE-264 | Permissions, Privileges, and Access Controls |
| 9 % | CWE-416 | Use After Free |
| 7 % | CWE-787 | Out-of-bounds Write (CWE/SANS Top 25) |
| 7 % | CWE-20 | Improper Input Validation |
| 6 % | CWE-310 | Cryptographic Issues |
| 6 % | CWE-269 | Improper Privilege Management |
| 6 % | CWE-200 | Information Exposure |
| 4 % | CWE-284 | Access Control (Authorization) Issues |
| 4 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 3 % | CWE-125 | Out-of-bounds Read |
| 2 % | CWE-362 | Race Condition |
| 2 % | CWE-346 | Origin Validation Error |
| 2 % | CWE-326 | Inadequate Encryption Strength |
| 2 % | CWE-189 | Numeric Errors (CWE/SANS Top 25) |
| 2 % | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25) |
| 2 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
| 1 % | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 1 % | CWE-399 | Resource Management Errors |
| 1 % | CWE-352 | Cross-Site Request Forgery (CSRF) (CWE/SANS Top 25) |
| 1 % | CWE-347 | Improper Verification of Cryptographic Signature |
| 1 % | CWE-254 | Security Features |
| 1 % | CWE-199 | Information Management Errors |
| 1 % | CWE-190 | Integer Overflow or Wraparound (CWE/SANS Top 25) |
| 1 % | CWE-19 | Data Handling |
| 1 % | CWE-17 | Code |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18495 | |||
| Oval ID: | oval:org.mitre.oval:def:18495 | ||
| Title: | Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API. | ||
| Description: | Use-after-free vulnerability in the nsEventListenerManager::SetEventHandler function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors related to a memory allocation through the garbage collection (GC) API. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5601 | Version: | 16 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18694 | |||
| Oval ID: | oval:org.mitre.oval:def:18694 | ||
| Title: | The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page. | ||
| Description: | The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct buffer overflow attacks via a crafted web page. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5595 | Version: | 16 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18735 | |||
| Oval ID: | oval:org.mitre.oval:def:18735 | ||
| Title: | USN-2010-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2010-1 CVE-2013-1739 CVE-2013-5590 CVE-2013-5591 CVE-2013-5593 CVE-2013-5604 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19001 | |||
| Oval ID: | oval:org.mitre.oval:def:19001 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5590 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19015 | |||
| Oval ID: | oval:org.mitre.oval:def:19015 | ||
| Title: | Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Unspecified vulnerability in the browser engine in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5591 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19066 | |||
| Oval ID: | oval:org.mitre.oval:def:19066 | ||
| Title: | The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com. | ||
| Description: | The cycle collection (CC) implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly determine the thread for release of an image object, which allows remote attackers to execute arbitrary code or cause a denial of service (race condition and application crash) via a large HTML document containing IMG elements, as demonstrated by the Never-Ending Reddit on reddit.com. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5596 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19091 | |||
| Oval ID: | oval:org.mitre.oval:def:19091 | ||
| Title: | The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. | ||
| Description: | The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5604 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19103 | |||
| Oval ID: | oval:org.mitre.oval:def:19103 | ||
| Title: | USN-2009-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2009-1 CVE-2013-1739 CVE-2013-5590 CVE-2013-5591 CVE-2013-5592 CVE-2013-5593 CVE-2013-5604 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5598 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19133 | |||
| Oval ID: | oval:org.mitre.oval:def:19133 | ||
| Title: | PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object. | ||
| Description: | PDF.js in Mozilla Firefox before 25.0 and Firefox ESR 24.x before 24.1 does not properly handle the appending of an IFRAME element, which allows remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges by using this element within an embedded PDF object. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5598 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19140 | |||
| Oval ID: | oval:org.mitre.oval:def:19140 | ||
| Title: | DSA-2800-1 nss - buffer overflow | ||
| Description: | Andrew Tinits reported a potentially exploitable buffer overflow in the Mozilla Network Security Service library (nss). With a specially crafted request a remote attacker could cause a denial of service or possibly execute arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2800-1 CVE-2013-5605 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19148 | |||
| Oval ID: | oval:org.mitre.oval:def:19148 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 25.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5592 | Version: | 8 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:19172 | |||
| Oval ID: | oval:org.mitre.oval:def:19172 | ||
| Title: | Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL. | ||
| Description: | Use-after-free vulnerability in the nsIOService::NewChannelFromURIWithProxyFlags function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code via vectors involving a blob: URL. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5600 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19263 | |||
| Oval ID: | oval:org.mitre.oval:def:19263 | ||
| Title: | The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element. | ||
| Description: | The SELECT element implementation in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 does not properly restrict the nature or placement of HTML within a dropdown menu, which allows remote attackers to spoof the address bar or conduct clickjacking attacks via vectors that trigger navigation off of a page containing this element. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5593 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19277 | |||
| Oval ID: | oval:org.mitre.oval:def:19277 | ||
| Title: | Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache. | ||
| Description: | Use-after-free vulnerability in the nsDocLoader::doStopDocumentLoad function in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving a state-change event during an update of the offline cache. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5597 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19293 | |||
| Oval ID: | oval:org.mitre.oval:def:19293 | ||
| Title: | The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies. | ||
| Description: | The Worker::SetEventListener function in the Web workers implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to direct proxies. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5602 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19302 | |||
| Oval ID: | oval:org.mitre.oval:def:19302 | ||
| Title: | Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates. | ||
| Description: | Use-after-free vulnerability in the nsContentUtils::ContentIsHostIncludingDescendantOf function in Mozilla Firefox before 25.0, Firefox ESR 24.x before 24.1, Thunderbird before 24.1, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving HTML document templates. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5603 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19315 | |||
| Oval ID: | oval:org.mitre.oval:def:19315 | ||
| Title: | Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. | ||
| Description: | Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5599 | Version: | 15 |
| Platform(s): | Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla SeaMonkey Mozilla Firefox ESR Mozilla Thunderbird ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19393 | |||
| Oval ID: | oval:org.mitre.oval:def:19393 | ||
| Title: | CERT_VerifyCert can SECSuccess for bad certificates | ||
| Description: | The CERT_VerifyCert function in lib/certhigh/certvfy.c in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 provides an unexpected return value for an incompatible key-usage certificate when the CERTVerifyLog argument is valid, which might allow remote attackers to bypass intended access restrictions via a crafted certificate. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5606 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19530 | |||
| Oval ID: | oval:org.mitre.oval:def:19530 | ||
| Title: | Integer truncation in certificate parsing | ||
| Description: | Integer overflow in Mozilla Network Security Services (NSS) 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large size value. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-1741 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19731 | |||
| Oval ID: | oval:org.mitre.oval:def:19731 | ||
| Title: | Null Cipher buffer overflow | ||
| Description: | Mozilla Network Security Services (NSS) 3.14 before 3.14.5 and 3.15 before 3.15.3 allows remote attackers to cause a denial of service or possibly have unspecified other impact via invalid handshake packets. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5605 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19770 | |||
| Oval ID: | oval:org.mitre.oval:def:19770 | ||
| Title: | USN-2030-1 -- nss vulnerabilities | ||
| Description: | Several security issues were fixed in NSS. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2030-1 CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19778 | |||
| Oval ID: | oval:org.mitre.oval:def:19778 | ||
| Title: | Avoid unsigned integer wrapping in PL_ArenaAllocate | ||
| Description: | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5607 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows Server 2012 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19893 | |||
| Oval ID: | oval:org.mitre.oval:def:19893 | ||
| Title: | USN-2032-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2032-1 CVE-2013-1741 CVE-2013-2566 CVE-2013-5605 CVE-2013-5607 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19915 | |||
| Oval ID: | oval:org.mitre.oval:def:19915 | ||
| Title: | RC4 algorithm vulnerability | ||
| Description: | The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-2566 | Version: | 11 |
| Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 | Product(s): | Opera Browser Mozilla Firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19952 | |||
| Oval ID: | oval:org.mitre.oval:def:19952 | ||
| Title: | DSA-2788-1 iceweasel - several | ||
| Description: | Multiple security issues have been found in iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2788-1 CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:19958 | |||
| Oval ID: | oval:org.mitre.oval:def:19958 | ||
| Title: | USN-2031-1 -- firefox vulnerabilities | ||
| Description: | Several security issues were fixed in Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2031-1 CVE-2013-1741 CVE-2013-2566 CVE-2013-5605 CVE-2013-5607 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 13.04 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20123 | |||
| Oval ID: | oval:org.mitre.oval:def:20123 | ||
| Title: | DSA-2797-1 icedove - several | ||
| Description: | Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client. Multiple memory safety errors, and other implementation errors may lead to the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2797-1 CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20292 | |||
| Oval ID: | oval:org.mitre.oval:def:20292 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5610 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20606 | |||
| Oval ID: | oval:org.mitre.oval:def:20606 | ||
| Title: | RHSA-2013:1829: nss, nspr, and nss-util security update (Important) | ||
| Description: | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1829-00 CESA-2013:1829 CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5607 | Version: | 75 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | nspr nss nss-util |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20678 | |||
| Oval ID: | oval:org.mitre.oval:def:20678 | ||
| Title: | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | ||
| Description: | Use-after-free vulnerability in the nsEventListenerManager::HandleEventSubType function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to mListeners event listeners. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5616 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20749 | |||
| Oval ID: | oval:org.mitre.oval:def:20749 | ||
| Title: | RHSA-2013:1812: firefox security update (Critical) | ||
| Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1812-01 CESA-2013:1812 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 117 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20800 | |||
| Oval ID: | oval:org.mitre.oval:def:20800 | ||
| Title: | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. | ||
| Description: | The JavaScript implementation in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 does not properly enforce certain typeset restrictions on the generation of GetElementIC typed array stubs, which has unspecified impact and remote attack vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5615 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20848 | |||
| Oval ID: | oval:org.mitre.oval:def:20848 | ||
| Title: | RHSA-2013:1480: thunderbird security update (Important) | ||
| Description: | Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1480-01 CESA-2013:1480 CVE-2013-5599 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:20932 | |||
| Oval ID: | oval:org.mitre.oval:def:20932 | ||
| Title: | Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | ||
| Description: | Mozilla Firefox before 26.0 and SeaMonkey before 2.23 do not properly consider the sandbox attribute of an IFRAME element during processing of a contained OBJECT element, which allows remote attackers to bypass intended sandbox restrictions via a crafted web site. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5614 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21015 | |||
| Oval ID: | oval:org.mitre.oval:def:21015 | ||
| Title: | Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. | ||
| Description: | Use-after-free vulnerability in the PresShell::DispatchSynthMouseMove function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving synthetic mouse movement, related to the RestyleManager::GetHoverGeneration function. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5613 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21024 | |||
| Oval ID: | oval:org.mitre.oval:def:21024 | ||
| Title: | Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | ||
| Description: | Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-6673 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21047 | |||
| Oval ID: | oval:org.mitre.oval:def:21047 | ||
| Title: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | ||
| Description: | Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 makes it easier for remote attackers to inject arbitrary web script or HTML by leveraging a Same Origin Policy violation triggered by lack of a charset parameter in a Content-Type HTTP header. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5612 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21069 | |||
| Oval ID: | oval:org.mitre.oval:def:21069 | ||
| Title: | DSA-2820-1 nspr - integer overflow | ||
| Description: | It was discovered that NSPR, Netscape Portable Runtime library, could crash an application using the library when parsing a certificate that causes an integer overflow. This flaw only affects 64-bit systems. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2820-1 CVE-2013-5607 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 6.0 Debian GNU/Linux 7 Debian GNU/kFreeBSD 6.0 Debian GNU/kFreeBSD 7 | Product(s): | nspr |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21091 | |||
| Oval ID: | oval:org.mitre.oval:def:21091 | ||
| Title: | Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | ||
| Description: | Multiple integer overflows in the binary-search implementation in SpiderMonkey in Mozilla Firefox before 26.0 and SeaMonkey before 2.23 might allow remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted JavaScript code. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5619 | Version: | 9 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21104 | |||
| Oval ID: | oval:org.mitre.oval:def:21104 | ||
| Title: | RHSA-2013:1791: nss and nspr security, bug fix, and enhancement update (Important) | ||
| Description: | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1791-00 CESA-2013:1791 CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5607 | Version: | 73 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | nspr nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21110 | |||
| Oval ID: | oval:org.mitre.oval:def:21110 | ||
| Title: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-6671 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21122 | |||
| Oval ID: | oval:org.mitre.oval:def:21122 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2013-5609 | Version: | 14 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird Mozilla Seamonkey Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21167 | |||
| Oval ID: | oval:org.mitre.oval:def:21167 | ||
| Title: | RHSA-2013:1476: firefox security update (Critical) | ||
| Description: | The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1476-00 CESA-2013:1476 CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 | Version: | 115 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21283 | |||
| Oval ID: | oval:org.mitre.oval:def:21283 | ||
| Title: | RHSA-2013:1823: thunderbird security update (Important) | ||
| Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2013:1823-01 CESA-2013:1823 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 117 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21707 | |||
| Oval ID: | oval:org.mitre.oval:def:21707 | ||
| Title: | RHSA-2014:0133: thunderbird security update (Important) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0133-00 CESA-2014:0133 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22218 | |||
| Oval ID: | oval:org.mitre.oval:def:22218 | ||
| Title: | USN-2102-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2102-1 CVE-2014-1477 CVE-2014-1478 CVE-2014-1479 CVE-2014-1480 CVE-2014-1482 CVE-2014-1483 CVE-2014-1485 CVE-2014-1486 CVE-2014-1487 CVE-2014-1489 CVE-2014-1488 CVE-2014-1490 CVE-2014-1491 CVE-2014-1481 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22452 | |||
| Oval ID: | oval:org.mitre.oval:def:22452 | ||
| Title: | USN-2087-1 -- nspr vulnerability | ||
| Description: | NSPR could be made to crash or run programs if it received a specially crafted certificate. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2087-1 CVE-2013-5607 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nspr |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22486 | |||
| Oval ID: | oval:org.mitre.oval:def:22486 | ||
| Title: | DSA-2858-1 iceweasel - several | ||
| Description: | Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or information disclosure. This update also addresses security issues in the bundled version of the NSS crypto library. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2858-1 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 CVE-2014-1490 CVE-2014-1491 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:22534 | |||
| Oval ID: | oval:org.mitre.oval:def:22534 | ||
| Title: | RHSA-2014:0132: firefox security update (Critical) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0132-00 CESA-2014:0132 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 55 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23177 | |||
| Oval ID: | oval:org.mitre.oval:def:23177 | ||
| Title: | ELSA-2013:1791: nss and nspr security, bug fix, and enhancement update (Important) | ||
| Description: | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1791-00 CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5607 | Version: | 25 |
| Platform(s): | Oracle Linux 5 | Product(s): | nspr nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23381 | |||
| Oval ID: | oval:org.mitre.oval:def:23381 | ||
| Title: | DEPRECATED: ELSA-2014:0133: thunderbird security update (Important) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0133-00 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 30 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23396 | |||
| Oval ID: | oval:org.mitre.oval:def:23396 | ||
| Title: | DEPRECATED: ELSA-2013:1812: firefox security update (Critical) | ||
| Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1812-01 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 38 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23434 | |||
| Oval ID: | oval:org.mitre.oval:def:23434 | ||
| Title: | DEPRECATED: ELSA-2013:1476: firefox security update (Critical) | ||
| Description: | The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1476-00 CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 | Version: | 38 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23452 | |||
| Oval ID: | oval:org.mitre.oval:def:23452 | ||
| Title: | DEPRECATED: ELSA-2014:0132: firefox security update (Critical) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0132-00 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 30 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23516 | |||
| Oval ID: | oval:org.mitre.oval:def:23516 | ||
| Title: | DEPRECATED: ELSA-2014:0310: firefox security update (Critical) | ||
| Description: | vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0310-00 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 15 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23527 | |||
| Oval ID: | oval:org.mitre.oval:def:23527 | ||
| Title: | DEPRECATED: ELSA-2013:1480: thunderbird security update (Important) | ||
| Description: | Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1480-01 CVE-2013-5599 | Version: | 7 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23545 | |||
| Oval ID: | oval:org.mitre.oval:def:23545 | ||
| Title: | Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site | ||
| Description: | Mozilla Firefox before 27.0 does not properly restrict access to about:home buttons by script on other pages, which allows user-assisted remote attackers to cause a denial of service (session restore) via a crafted web site. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1489 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23716 | |||
| Oval ID: | oval:org.mitre.oval:def:23716 | ||
| Title: | The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. | ||
| Description: | The session-restore feature in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not consider the Content Security Policy of a data: URL, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document that is accessed after a browser restart. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1504 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23732 | |||
| Oval ID: | oval:org.mitre.oval:def:23732 | ||
| Title: | USN-2102-2 -- firefox regression | ||
| Description: | USN-2102-1 introduced a regression in Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2102-2 CVE-2014-1477 CVE-2014-1478 CVE-2014-1479 CVE-2014-1480 CVE-2014-1482 CVE-2014-1483 CVE-2014-1485 CVE-2014-1486 CVE-2014-1487 CVE-2014-1489 CVE-2014-1488 CVE-2014-1490 CVE-2014-1491 CVE-2014-1481 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23735 | |||
| Oval ID: | oval:org.mitre.oval:def:23735 | ||
| Title: | USN-2150-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2150-1 CVE-2014-1493 CVE-2014-1494 CVE-2014-1497 CVE-2014-1498 CVE-2014-1499 CVE-2014-1500 CVE-2014-1502 CVE-2014-1504 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23744 | |||
| Oval ID: | oval:org.mitre.oval:def:23744 | ||
| Title: | The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements. | ||
| Description: | The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1505 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23759 | |||
| Oval ID: | oval:org.mitre.oval:def:23759 | ||
| Title: | The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1487 | Version: | 9 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23766 | |||
| Oval ID: | oval:org.mitre.oval:def:23766 | ||
| Title: | ELSA-2014:0132: firefox security update (Critical) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0132-00 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 29 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23821 | |||
| Oval ID: | oval:org.mitre.oval:def:23821 | ||
| Title: | RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create | ||
| Description: | RasterImage.cpp in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent access to discarded data, which allows remote attackers to execute arbitrary code or cause a denial of service (incorrect write operations) via crafted image data, as demonstrated by Goo Create. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1482 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23916 | |||
| Oval ID: | oval:org.mitre.oval:def:23916 | ||
| Title: | ELSA-2013:1812: firefox security update (Critical) | ||
| Description: | The nsGfxScrollFrameInner::IsLTR function in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code via crafted use of JavaScript code for ordered list elements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1812-01 CVE-2013-0772 CVE-2013-5609 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5616 CVE-2013-5618 CVE-2013-6671 | Version: | 37 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:23934 | |||
| Oval ID: | oval:org.mitre.oval:def:23934 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1477 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23979 | |||
| Oval ID: | oval:org.mitre.oval:def:23979 | ||
| Title: | RHSA-2014:0316: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0316-00 CESA-2014:0316 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 27 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23990 | |||
| Oval ID: | oval:org.mitre.oval:def:23990 | ||
| Title: | The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site | ||
| Description: | The file-download implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 does not properly restrict the timing of button selections, which allows remote attackers to conduct clickjacking attacks, and trigger unintended launching of a downloaded file, via a crafted web site. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1480 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:23996 | |||
| Oval ID: | oval:org.mitre.oval:def:23996 | ||
| Title: | Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24 does not properly restrict public values in Diffie-Hellman key exchanges | ||
| Description: | Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, does not properly restrict public values in Diffie-Hellman key exchanges, which makes it easier for remote attackers to bypass cryptographic protection mechanisms in ticket handling by leveraging use of a certain value. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1491 | Version: | 12 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24002 | |||
| Oval ID: | oval:org.mitre.oval:def:24002 | ||
| Title: | Buffer overflow when using non-XBL object as XBL | ||
| Description: | The nsXBLProtoImpl::InstallImplementation function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 does not properly check whether objects are XBL objects, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via crafted JavaScript code that accesses a non-XBL object as if it were an XBL object. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1524 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24009 | |||
| Oval ID: | oval:org.mitre.oval:def:24009 | ||
| Title: | Memory safety bugs fixed in Firefox ESR 24.5 and Firefox 29.0 | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1518 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24017 | |||
| Oval ID: | oval:org.mitre.oval:def:24017 | ||
| Title: | The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | ||
| Description: | The Web IDL implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary JavaScript code with chrome privileges by using an IDL fragment to trigger a window.open call. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1510 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24030 | |||
| Oval ID: | oval:org.mitre.oval:def:24030 | ||
| Title: | Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines | ||
| Description: | Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allow remote attackers to bypass intended restrictions on window objects by leveraging inconsistency in native getter methods across different JavaScript engines. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1481 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24042 | |||
| Oval ID: | oval:org.mitre.oval:def:24042 | ||
| Title: | DEPRECATED: ELSA-2014:0448: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0448-00 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 5 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24056 | |||
| Oval ID: | oval:org.mitre.oval:def:24056 | ||
| Title: | The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes | ||
| Description: | The System Only Wrapper (SOW) implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 does not prevent certain cloning operations, which allows remote attackers to bypass intended restrictions on XUL content via vectors involving XBL content scopes. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1479 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24084 | |||
| Oval ID: | oval:org.mitre.oval:def:24084 | ||
| Title: | Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions | ||
| Description: | Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to bypass the Same Origin Policy and obtain sensitive information by using an IFRAME element in conjunction with certain timing measurements involving the document.caretPositionFromPoint and document.elementFromPoint functions. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1483 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24094 | |||
| Oval ID: | oval:org.mitre.oval:def:24094 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1534 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24097 | |||
| Oval ID: | oval:org.mitre.oval:def:24097 | ||
| Title: | USN-2151-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2151-1 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24103 | |||
| Oval ID: | oval:org.mitre.oval:def:24103 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to the MPostWriteBarrier class in js/src/jit/MIR.h and stack alignment in js/src/jit/AsmJS.cpp in OdinMonkey, and unknown other vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1478 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24118 | |||
| Oval ID: | oval:org.mitre.oval:def:24118 | ||
| Title: | ELSA-2013:1476: firefox security update (Critical) | ||
| Description: | The txXPathNodeUtils::getBaseURI function in the XSLT processor in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly initialize data, which allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via crafted documents. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1476-00 CVE-2013-5590 CVE-2013-5595 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5604 | Version: | 37 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24139 | |||
| Oval ID: | oval:org.mitre.oval:def:24139 | ||
| Title: | ELSA-2013:1480: thunderbird security update (Important) | ||
| Description: | Use-after-free vulnerability in the nsIPresShell::GetPresContext function in the PresShell (aka presentation shell) implementation in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via vectors involving a CANVAS element, a mozTextStyle attribute, and an onresize event. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1480-01 CVE-2013-5599 | Version: | 6 |
| Platform(s): | Oracle Linux 6 Oracle Linux 5 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24144 | |||
| Oval ID: | oval:org.mitre.oval:def:24144 | ||
| Title: | The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. | ||
| Description: | The (1) WebGL.compressedTexImage2D and (2) WebGL.compressedTexSubImage2D functions in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to bypass the Same Origin Policy and render content in a different domain via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1502 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24156 | |||
| Oval ID: | oval:org.mitre.oval:def:24156 | ||
| Title: | ELSA-2014:0133: thunderbird security update (Important) | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0133-00 CVE-2014-1477 CVE-2014-1479 CVE-2014-1481 CVE-2014-1482 CVE-2014-1486 CVE-2014-1487 | Version: | 29 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24164 | |||
| Oval ID: | oval:org.mitre.oval:def:24164 | ||
| Title: | The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions | ||
| Description: | The Content Security Policy (CSP) implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 operates on XSLT stylesheets according to style-src directives instead of script-src directives, which might allow remote attackers to execute arbitrary XSLT code by leveraging insufficient style-src restrictions. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1485 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24175 | |||
| Oval ID: | oval:org.mitre.oval:def:24175 | ||
| Title: | DEPRECATED: ELSA-2014:0449: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0449-00 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 5 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24183 | |||
| Oval ID: | oval:org.mitre.oval:def:24183 | ||
| Title: | ELSA-2013:1829: nss, nspr, and nss-util security update (Important) | ||
| Description: | Integer overflow in the PL_ArenaAllocate function in Mozilla Netscape Portable Runtime (NSPR) before 4.10.2, as used in Firefox before 25.0.1, Firefox ESR 17.x before 17.0.11 and 24.x before 24.1.1, and SeaMonkey before 2.22.1, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted X.509 certificate, a related issue to CVE-2013-1741. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2013:1829-00 CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606 CVE-2013-5607 | Version: | 25 |
| Platform(s): | Oracle Linux 6 | Product(s): | nspr nss nss-util |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24194 | |||
| Oval ID: | oval:org.mitre.oval:def:24194 | ||
| Title: | Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket | ||
| Description: | Race condition in libssl in Mozilla Network Security Services (NSS) before 3.15.4, as used in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, SeaMonkey before 2.24, and other products, allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors involving a resumption handshake that triggers incorrect replacement of a session ticket. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1490 | Version: | 12 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24205 | |||
| Oval ID: | oval:org.mitre.oval:def:24205 | ||
| Title: | Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data | ||
| Description: | Use-after-free vulnerability in the imgRequestProxy function in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving unspecified Content-Type values for image data. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1486 | Version: | 8 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24208 | |||
| Oval ID: | oval:org.mitre.oval:def:24208 | ||
| Title: | Use-after-free in the Text Track Manager for HTML video | ||
| Description: | The mozilla::dom::TextTrack::AddCue function in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 does not properly perform garbage collection for Text Track Manager variables, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) via a crafted VIDEO element in an HTML document. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1525 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24209 | |||
| Oval ID: | oval:org.mitre.oval:def:24209 | ||
| Title: | The Web workers implementation in Mozilla Firefox before 27.0, Firefox ESR 24.x before 24.3, Thunderbird before 24.3, and SeaMonkey before 2.24 allows remote attackers to bypass the Same Origin Policy and obtain sensitive authentication information via vectors involving error messages | ||
| Description: | The Web workers implementation in Mozilla Firefox before 27.0 and SeaMonkey before 2.24 allows remote attackers to execute arbitrary code via vectors involving termination of a worker process that has performed a cross-thread object-passing operation in conjunction with use of asm.js. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1488 | Version: | 9 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP Microsoft Windows 2000 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24225 | |||
| Oval ID: | oval:org.mitre.oval:def:24225 | ||
| Title: | DSA-2881-1 iceweasel - security update | ||
| Description: | Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, out of bound reads, use-after-frees and other implementation errors may lead to the execution of arbitrary code, information disclosure, denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2881-1 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24262 | |||
| Oval ID: | oval:org.mitre.oval:def:24262 | ||
| Title: | RHSA-2014:0741: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.6.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.6.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0741-00 CESA-2014:0741 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24267 | |||
| Oval ID: | oval:org.mitre.oval:def:24267 | ||
| Title: | Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Description: | Use-after-free vulnerability in the nsTextEditRules::CreateMozBR function in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1538 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24286 | |||
| Oval ID: | oval:org.mitre.oval:def:24286 | ||
| Title: | Privilege escalation through Web Notification API | ||
| Description: | The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1529 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24293 | |||
| Oval ID: | oval:org.mitre.oval:def:24293 | ||
| Title: | RHSA-2014:0310: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Firefox processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Firefox rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0310-00 CESA-2014:0310 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 27 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24300 | |||
| Oval ID: | oval:org.mitre.oval:def:24300 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1533 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24343 | |||
| Oval ID: | oval:org.mitre.oval:def:24343 | ||
| Title: | DEPRECATED: ELSA-2014:0316: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0316-00 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 15 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24349 | |||
| Oval ID: | oval:org.mitre.oval:def:24349 | ||
| Title: | ELSA-2014:0448: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0448-00 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 5 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24352 | |||
| Oval ID: | oval:org.mitre.oval:def:24352 | ||
| Title: | Use-after-free in nsHostResolver | ||
| Description: | Use-after-free vulnerability in the nsHostResolver::ConditionallyRefreshRecord function in libxul.so in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors related to host resolution. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1532 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24370 | |||
| Oval ID: | oval:org.mitre.oval:def:24370 | ||
| Title: | Privilege escalation through Mozilla Maintenance Service Installer | ||
| Description: | maintenservice_installer.exe in the Maintenance Service Installer in Mozilla Firefox before 29.0 and Firefox ESR 24.x before 24.5 on Windows allows local users to gain privileges by placing a Trojan horse DLL file into a temporary directory at an unspecified point in the update process. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1520 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24418 | |||
| Oval ID: | oval:org.mitre.oval:def:24418 | ||
| Title: | ELSA-2014:0316: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Thunderbird processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Thunderbird to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Thunderbird rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially-crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.4.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.4.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0316-00 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 14 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24419 | |||
| Oval ID: | oval:org.mitre.oval:def:24419 | ||
| Title: | DEPRECATED: Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image. | ||
| Description: | Mozilla Firefox before 30.0 and Thunderbird through 24.6 on OS X do not ensure visibility of the cursor after interaction with a Flash object and a DIV element, which makes it easier for remote attackers to conduct clickjacking attacks via JavaScript code that produces a fake cursor image. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1539 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24428 | |||
| Oval ID: | oval:org.mitre.oval:def:24428 | ||
| Title: | Web Audio memory corruption issues | ||
| Description: | The mozilla::dom::OscillatorNodeEngine::ComputeCustom function in the Web Audio subsystem in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read, memory corruption, and application crash) via crafted content. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1522 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24447 | |||
| Oval ID: | oval:org.mitre.oval:def:24447 | ||
| Title: | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. | ||
| Description: | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1511 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24453 | |||
| Oval ID: | oval:org.mitre.oval:def:24453 | ||
| Title: | Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device. | ||
| Description: | Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox before 30.0 allow remote attackers to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1543 | Version: | 10 |
| Platform(s): | Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24458 | |||
| Oval ID: | oval:org.mitre.oval:def:24458 | ||
| Title: | ELSA-2014:0310: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1493, CVE-2014-1510, CVE-2014-1511, CVE-2014-1512, CVE-2014-1513, CVE-2014-1514) Several information disclosure flaws were found in the way Firefox processed malformed web content. An attacker could use these flaws to gain access to sensitive information such as cross-domain content or protected memory addresses or, potentially, cause Firefox to crash. (CVE-2014-1497, CVE-2014-1508, CVE-2014-1505) A memory corruption flaw was found in the way Firefox rendered certain PDF files. An attacker able to trick a user into installing a malicious extension could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1509) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Atte Kettunen, Tyson Smith, Jesse Schwartzentruber, John Thomson, Robert O'Callahan, Mariusz Mlynski, Jüri Aedla, George Hotz, and the security research firm VUPEN as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.4.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.4.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0310-00 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 14 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24477 | |||
| Oval ID: | oval:org.mitre.oval:def:24477 | ||
| Title: | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | ||
| Description: | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (resource consumption and application hang) via onbeforeunload events that trigger background JavaScript execution. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1500 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24484 | |||
| Oval ID: | oval:org.mitre.oval:def:24484 | ||
| Title: | USN-2159-1 -- nss vulnerability | ||
| Description: | NSS could be made to expose sensitive information over the network. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2159-1 CVE-2014-1492 | Version: | 5 |
| Platform(s): | Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24490 | |||
| Oval ID: | oval:org.mitre.oval:def:24490 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1494 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24497 | |||
| Oval ID: | oval:org.mitre.oval:def:24497 | ||
| Title: | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. | ||
| Description: | Mozilla Firefox before 28.0 and SeaMonkey before 2.25 allow remote attackers to spoof the domain name in the WebRTC (1) camera or (2) microphone permission prompt by triggering navigation at a certain time during generation of this prompt. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1499 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24500 | |||
| Oval ID: | oval:org.mitre.oval:def:24500 | ||
| Title: | The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. | ||
| Description: | The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service (out-of-bounds read and application crash), or possibly have unspecified other impact via a crafted WAV file. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1497 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24507 | |||
| Oval ID: | oval:org.mitre.oval:def:24507 | ||
| Title: | Use-after-free in imgLoader while resizing images | ||
| Description: | Use-after-free vulnerability in the nsGenericHTMLElement::GetWidthHeightForImage function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via vectors involving an imgLoader object that is not properly handled during an image-resize operation. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1531 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24512 | |||
| Oval ID: | oval:org.mitre.oval:def:24512 | ||
| Title: | Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects. | ||
| Description: | Use-after-free vulnerability in the TypeObject class in the JavaScript engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to execute arbitrary code by triggering extensive memory consumption while garbage collection is occurring, as demonstrated by improper handling of BumpChunk objects. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1512 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24519 | |||
| Oval ID: | oval:org.mitre.oval:def:24519 | ||
| Title: | The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering. | ||
| Description: | The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1508 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24534 | |||
| Oval ID: | oval:org.mitre.oval:def:24534 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1493 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24541 | |||
| Oval ID: | oval:org.mitre.oval:def:24541 | ||
| Title: | Incorrect IDNA domain name matching for wildcard certificates | ||
| Description: | The cert_TestHostName function in lib/certdb/certdb.c in the certificate-checking implementation in Mozilla Network Security Services (NSS) before 3.16 accepts a wildcard character that is embedded in an internationalized domain name's U-label, which might allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1492 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24549 | |||
| Oval ID: | oval:org.mitre.oval:def:24549 | ||
| Title: | Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. | ||
| Description: | Buffer overflow in the _cairo_truetype_index_to_ucs4 function in cairo, as used in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25, allows remote attackers to execute arbitrary code via a crafted extension that renders fonts in a PDF document. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1509 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24553 | |||
| Oval ID: | oval:org.mitre.oval:def:24553 | ||
| Title: | Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event. | ||
| Description: | Use-after-free vulnerability in the nsDocLoader::OnProgress function in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allows remote attackers to execute arbitrary code via vectors that trigger a FireOnStateChange event. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1555 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24570 | |||
| Oval ID: | oval:org.mitre.oval:def:24570 | ||
| Title: | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. | ||
| Description: | Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 might allow local users to gain privileges by modifying the extracted Mar contents during an update. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1496 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24571 | |||
| Oval ID: | oval:org.mitre.oval:def:24571 | ||
| Title: | TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site. | ||
| Description: | TypedArrayObject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not prevent a zero-length transition during use of an ArrayBuffer object, which allows remote attackers to execute arbitrary code or cause a denial of service (heap-based out-of-bounds write or read) via a crafted web site. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1513 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24581 | |||
| Oval ID: | oval:org.mitre.oval:def:24581 | ||
| Title: | USN-2189-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2189-1 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 4 |
| Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24617 | |||
| Oval ID: | oval:org.mitre.oval:def:24617 | ||
| Title: | The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. | ||
| Description: | The crypto.generateCRMFRequest method in Mozilla Firefox before 28.0 and SeaMonkey before 2.25 does not properly validate a certain key type, which allows remote attackers to cause a denial of service (application crash) via vectors that trigger generation of a key that supports the Elliptic Curve ec-dual-use algorithm. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1498 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24625 | |||
| Oval ID: | oval:org.mitre.oval:def:24625 | ||
| Title: | vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class. | ||
| Description: | vmtypedarrayobject.cpp in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 does not validate the length of the destination array before a copy operation, which allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds write and application crash) by triggering incorrect use of the TypedArrayObject class. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1514 | Version: | 9 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24667 | |||
| Oval ID: | oval:org.mitre.oval:def:24667 | ||
| Title: | Debugger can bypass XrayWrappers with JavaScript | ||
| Description: | The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1526 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24670 | |||
| Oval ID: | oval:org.mitre.oval:def:24670 | ||
| Title: | RHSA-2014:0742: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.6.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.6.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0742-00 CESA-2014:0742 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24697 | |||
| Oval ID: | oval:org.mitre.oval:def:24697 | ||
| Title: | Out of bounds read while decoding JPG images | ||
| Description: | Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1523 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24708 | |||
| Oval ID: | oval:org.mitre.oval:def:24708 | ||
| Title: | ELSA-2014:0449: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0449-00 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 5 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24710 | |||
| Oval ID: | oval:org.mitre.oval:def:24710 | ||
| Title: | Cross-site scripting (XSS) using history navigations | ||
| Description: | The docshell implementation in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to trigger the loading of a URL with a spoofed baseURI property, and conduct cross-site scripting (XSS) attacks, via a crafted web site that performs history navigation. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1530 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24716 | |||
| Oval ID: | oval:org.mitre.oval:def:24716 | ||
| Title: | Memory safety bugs fixed in Firefox 29.0 | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1519 | Version: | 11 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla SeaMonkey Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24799 | |||
| Oval ID: | oval:org.mitre.oval:def:24799 | ||
| Title: | Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | ||
| Description: | Mozilla Firefox before 31.0 does not properly restrict use of drag-and-drop events to spoof customization events, which allows remote attackers to alter the placement of UI icons via crafted JavaScript code that is encountered during (1) page, (2) panel, or (3) toolbar customization. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1561 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24808 | |||
| Oval ID: | oval:org.mitre.oval:def:24808 | ||
| Title: | Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | ||
| Description: | Use-after-free vulnerability in the nsEventListenerManager::CompileEventHandlerInternal function in the Event Listener Manager in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1540 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24812 | |||
| Oval ID: | oval:org.mitre.oval:def:24812 | ||
| Title: | RHSA-2014:0918: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.7.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.7.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0918-00 CESA-2014:0918 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24829 | |||
| Oval ID: | oval:org.mitre.oval:def:24829 | ||
| Title: | RHSA-2014:0449: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Thunderbird resolved hosts in certain circumstances. An attacker could use this flaw to crash Thunderbird or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Thunderbird decoded JPEG images. Loading an email or a web page containing a specially crafted JPEG image could cause Thunderbird to crash. (CVE-2014-1523) A flaw was found in the way Thunderbird handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith and Jesse Schwartzentrube as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.5.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.5.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0449-00 CESA-2014:0449 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24839 | |||
| Oval ID: | oval:org.mitre.oval:def:24839 | ||
| Title: | USN-2185-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2185-1 CVE-2014-1518 CVE-2014-1519 CVE-2014-1522 CVE-2014-1523 CVE-2014-1524 CVE-2014-1525 CVE-2014-1528 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1492 CVE-2014-1532 CVE-2014-1526 | Version: | 4 |
| Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24841 | |||
| Oval ID: | oval:org.mitre.oval:def:24841 | ||
| Title: | Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Description: | Use-after-free vulnerability in the mozilla::dom::workers::WorkerPrivateParent function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1537 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:24845 | |||
| Oval ID: | oval:org.mitre.oval:def:24845 | ||
| Title: | RHSA-2014:0448: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1518, CVE-2014-1524, CVE-2014-1529, CVE-2014-1531) A use-after-free flaw was found in the way Firefox resolved hosts in certain circumstances. An attacker could use this flaw to crash Firefox or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1532) An out-of-bounds read flaw was found in the way Firefox decoded JPEG images. Loading a web page containing a specially crafted JPEG image could cause Firefox to crash. (CVE-2014-1523) A flaw was found in the way Firefox handled browser navigations through history. An attacker could possibly use this flaw to cause the address bar of the browser to display a web page name while loading content from an entirely different web page, which could allow for cross-site scripting (XSS) attacks. (CVE-2014-1530) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Carsten Book, Christoph Diehl, Gary Kwong, Jan de Mooij, Jesse Ruderman, Nathan Froyd, Christian Holler, Abhishek Arya, Mariusz Mlynski, moz_bug_r_a4, Nils, Tyson Smith, and Jesse Schwartzentrube as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.5.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to this updated package, which contains Firefox version 24.5.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0448-00 CESA-2014:0448 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24858 | |||
| Oval ID: | oval:org.mitre.oval:def:24858 | ||
| Title: | SUSE-SU-2014:0418-1 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to 24.4.0ESR release, fixing various security issues and bugs. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0418-1 CVE-2014-1493 CVE-2014-1494 CVE-2014-1496 CVE-2014-1497 CVE-2014-1498 CVE-2014-1499 CVE-2014-1500 CVE-2014-1501 CVE-2014-1502 CVE-2014-1504 CVE-2014-1508 CVE-2014-1509 CVE-2014-1505 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 5 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24886 | |||
| Oval ID: | oval:org.mitre.oval:def:24886 | ||
| Title: | Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | ||
| Description: | Use-after-free vulnerability in the RefreshDriverTimer::TickDriver function in the SMIL Animation Controller in Mozilla Firefox before 30.0, Firefox ESR 24.x before 24.6, and Thunderbird before 24.6 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via crafted web content. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1541 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24891 | |||
| Oval ID: | oval:org.mitre.oval:def:24891 | ||
| Title: | DSA-2960-1 icedove - security update | ||
| Description: | Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2960-1 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24900 | |||
| Oval ID: | oval:org.mitre.oval:def:24900 | ||
| Title: | USN-2243-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2243-1 CVE-2014-1533 CVE-2014-1534 CVE-2014-1536 CVE-2014-1537 CVE-2014-1538 CVE-2014-1540 CVE-2014-1541 CVE-2014-1542 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24914 | |||
| Oval ID: | oval:org.mitre.oval:def:24914 | ||
| Title: | Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain. | ||
| Description: | Use-after-free vulnerability in the CERT_DestroyCertificate function in libnss3.so in Mozilla Network Security Services (NSS) 3.x, as used in Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, allows remote attackers to execute arbitrary code via vectors that trigger certain improper removal of an NSSCertificate structure from a trust domain. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1544 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24941 | |||
| Oval ID: | oval:org.mitre.oval:def:24941 | ||
| Title: | Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate. | ||
| Description: | Buffer overflow in the Speex resampler in the Web Audio subsystem in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code via vectors related to a crafted AudioBuffer channel count and sample rate. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1542 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox Mozilla Seamonkey |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24961 | |||
| Oval ID: | oval:org.mitre.oval:def:24961 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1547 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:24988 | |||
| Oval ID: | oval:org.mitre.oval:def:24988 | ||
| Title: | DSA-2962-1 nspr - security update | ||
| Description: | Abhiskek Arya discovered an out of bounds write in the cvt_t() function of the NetScape Portable Runtime Library which could result in the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2962-1 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | nspr |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25000 | |||
| Oval ID: | oval:org.mitre.oval:def:25000 | ||
| Title: | The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| Description: | The PropertyProvider::FindJustificationRange function in Mozilla Firefox before 30.0 allows remote attackers to execute arbitrary code or cause a denial of service (out-of-bounds read) via unspecified vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1536 | Version: | 10 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 Microsoft Windows 7 Microsoft Windows Server 2008 R2 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows 8.1 Microsoft Windows Server 2012 R2 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25002 | |||
| Oval ID: | oval:org.mitre.oval:def:25002 | ||
| Title: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Description: | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1548 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25005 | |||
| Oval ID: | oval:org.mitre.oval:def:25005 | ||
| Title: | ELSA-2014:0741: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.6.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.6.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0741-00 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 | Version: | 4 |
| Platform(s): | Red Hat Enterprise Linux 7 Oracle Linux 6 Oracle Linux 5 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25016 | |||
| Oval ID: | oval:org.mitre.oval:def:25016 | ||
| Title: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559. | ||
| Description: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1559. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1558 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25027 | |||
| Oval ID: | oval:org.mitre.oval:def:25027 | ||
| Title: | Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object. | ||
| Description: | Use-after-free vulnerability in the FontTableRec destructor in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 on Windows allows remote attackers to execute arbitrary code via crafted use of fonts in MathML content, leading to improper handling of a DirectWrite font-face object. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1551 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25038 | |||
| Oval ID: | oval:org.mitre.oval:def:25038 | ||
| Title: | DSA-2955-1 iceweasel - security update | ||
| Description: | Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and buffer overflows may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2955-1 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25041 | |||
| Oval ID: | oval:org.mitre.oval:def:25041 | ||
| Title: | The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering. | ||
| Description: | The mozilla::dom::AudioBufferSourceNodeEngine::CopyFromInputBuffer function in Mozilla Firefox before 31.0 and Thunderbird before 31.0 does not properly allocate Web Audio buffer memory, which allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via crafted audio content that is improperly handled during playback buffering. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1549 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25053 | |||
| Oval ID: | oval:org.mitre.oval:def:25053 | ||
| Title: | USN-2265-1 -- nspr vulnerability | ||
| Description: | NSPR could be made to crash or run programs if it received specially crafted input. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2265-1 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nspr |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25064 | |||
| Oval ID: | oval:org.mitre.oval:def:25064 | ||
| Title: | USN-2250-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2250-1 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 13.10 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25090 | |||
| Oval ID: | oval:org.mitre.oval:def:25090 | ||
| Title: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context. | ||
| Description: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use ASCII character encoding in a required context. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1560 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25098 | |||
| Oval ID: | oval:org.mitre.oval:def:25098 | ||
| Title: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect. | ||
| Description: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 do not properly implement the sandbox attribute of the IFRAME element, which allows remote attackers to bypass intended restrictions on same-origin content via a crafted web site in conjunction with a redirect. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1552 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25116 | |||
| Oval ID: | oval:org.mitre.oval:def:25116 | ||
| Title: | RHSA-2014:0917: nss and nspr security, bug fix, and enhancement update (Critical) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1544, CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters of CVE-2014-1544, Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. In addition, the nss package has been upgraded to upstream version 3.16.1, and the nspr package has been upgraded to upstream version 4.10.6. These updated packages provide a number of bug fixes and enhancements over the previous versions. (BZ#1112136, BZ#1112135) Users of NSS and NSPR are advised to upgrade to these updated packages, which correct these issues and add these enhancements. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0917-00 CESA-2014:0917 CVE-2013-1740 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-1544 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | nspr nss nss-util |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25117 | |||
| Oval ID: | oval:org.mitre.oval:def:25117 | ||
| Title: | The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. | ||
| Description: | The ConvolveHorizontally function in Skia, as used in Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7, does not properly handle the discarding of image data during function execution, which allows remote attackers to execute arbitrary code by triggering prolonged image scaling, as demonstrated by scaling of a high-quality image. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1557 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25177 | |||
| Oval ID: | oval:org.mitre.oval:def:25177 | ||
| Title: | SUSE-SU-2014:0638-1 -- Security update for Mozilla Firefox | ||
| Description: | This Mozilla Firefox and Mozilla NSS update to 24.5.0esr fixes the following several security and non-security issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16: * required for Firefox 29 * CVE-2014-1492: In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0638-1 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 CVE-2014-1492 CVE-2014-1520 | Version: | 5 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25189 | |||
| Oval ID: | oval:org.mitre.oval:def:25189 | ||
| Title: | Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering. | ||
| Description: | Use-after-free vulnerability in the MediaInputPort class in Mozilla Firefox before 31.0 and Thunderbird before 31.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging incorrect Web Audio control-message ordering. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1550 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25198 | |||
| Oval ID: | oval:org.mitre.oval:def:25198 | ||
| Title: | ELSA-2014:0742: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1533, CVE-2014-1538, CVE-2014-1541) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Gary Kwong, Christoph Diehl, Christian Holler, Hannes Verschore, Jan de Mooij, Ryan VanderMeulen, Jeff Walden, Kyle Huey, Abhishek Arya, and Nils as the original reporters of these issues. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.6.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.6.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014:0742-00 CVE-2014-1533 CVE-2014-1538 CVE-2014-1541 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:25227 | |||
| Oval ID: | oval:org.mitre.oval:def:25227 | ||
| Title: | SUSE-SU-2014:0638-2 -- Security update for Mozilla Firefox | ||
| Description: | This MozillaFirefox and mozilla-nss update fixes several security and non-security issues. MozillaFirefox has been updated to version 24.5.0esr which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to version 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0638-2 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 CVE-2014-1492 CVE-2014-1520 | Version: | 5 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25264 | |||
| Oval ID: | oval:org.mitre.oval:def:25264 | ||
| Title: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558. | ||
| Description: | Mozilla Firefox before 31.0 and Thunderbird before 31.0 allow remote attackers to cause a denial of service (X.509 certificate parsing outage) via a crafted certificate that does not use UTF-8 character encoding in a required context, a different vulnerability than CVE-2014-1558. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1559 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25270 | |||
| Oval ID: | oval:org.mitre.oval:def:25270 | ||
| Title: | RHSA-2014:0919: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1547, CVE-2014-1555, CVE-2014-1556, CVE-2014-1557) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Christian Holler, David Keeler, Byron Campen, Jethro Beekman, Patrick Cozzi, and Mozilla community member John as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.7.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.7.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0919-00 CESA-2014:0919 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25279 | |||
| Oval ID: | oval:org.mitre.oval:def:25279 | ||
| Title: | Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library. | ||
| Description: | Mozilla Firefox before 31.0, Firefox ESR 24.x before 24.7, and Thunderbird before 24.7 allow remote attackers to execute arbitrary code via crafted WebGL content constructed with the Cesium JavaScript library. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2014-1556 | Version: | 7 |
| Platform(s): | Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows Server 2008 R2 Microsoft Windows 7 Microsoft Windows Server 2008 Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Mozilla Firefox Mozilla Firefox ESR Mozilla Thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25335 | |||
| Oval ID: | oval:org.mitre.oval:def:25335 | ||
| Title: | RHSA-2014:0916: nss and nspr security update (Critical) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A race condition was found in the way NSS verified certain certificates. A remote attacker could use this flaw to crash an application using NSS or, possibly, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1544) Red Hat would like to thank the Mozilla project for reporting CVE-2014-1544. Upstream acknowledges Tyson Smith and Jesse Schwartzentruber as the original reporters. Users of NSS and NSPR are advised to upgrade to these updated packages, which correct this issue. After installing this update, applications using NSS or NSPR must be restarted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:0916-00 CESA-2014:0916 CVE-2014-1544 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 7 | Product(s): | nspr nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25501 | |||
| Oval ID: | oval:org.mitre.oval:def:25501 | ||
| Title: | SUSE-SU-2014:0665-1 -- Security update for Mozilla Firefox | ||
| Description: | This Mozilla Firefox and Mozilla NSS update fixes several security and non-security issues. Mozilla Firefox has been updated to 24.5.0esr which fixes the following issues: * MFSA 2014-34/CVE-2014-1518 Miscellaneous memory safety hazards * MFSA 2014-37/CVE-2014-1523 Out of bounds read while decoding JPG images * MFSA 2014-38/CVE-2014-1524 Buffer overflow when using non-XBL object as XBL * MFSA 2014-42/CVE-2014-1529 Privilege escalation through Web Notification API * MFSA 2014-43/CVE-2014-1530 Cross-site scripting (XSS) using history navigations * MFSA 2014-44/CVE-2014-1531 Use-after-free in imgLoader while resizing images * MFSA 2014-46/CVE-2014-1532 Use-after-free in nsHostResolver Mozilla NSS has been updated to 3.16 * required for Firefox 29 * CVE-2014-1492_ In a wildcard certificate, the wildcard character should not be embedded within the U-label of an internationalized domain name. See the last bullet point in RFC 6125, Section 7.2. * Update of root certificates. | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:0665-1 CVE-2014-1518 CVE-2014-1523 CVE-2014-1524 CVE-2014-1529 CVE-2014-1530 CVE-2014-1531 CVE-2014-1532 CVE-2014-1492 | Version: | 5 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | Mozilla Firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25617 | |||
| Oval ID: | oval:org.mitre.oval:def:25617 | ||
| Title: | DSA-2996-1 -- icedove - security update | ||
| Description: | Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2996-1 CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25706 | |||
| Oval ID: | oval:org.mitre.oval:def:25706 | ||
| Title: | USN-2295-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2295-1 CVE-2014-1547 CVE-2014-1548 CVE-2014-1549 CVE-2014-1550 CVE-2014-1561 CVE-2014-1555 CVE-2014-1556 CVE-2014-1544 CVE-2014-1557 CVE-2014-1558 CVE-2014-1559 CVE-2014-1560 CVE-2014-1552 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25862 | |||
| Oval ID: | oval:org.mitre.oval:def:25862 | ||
| Title: | DSA-2986-1 -- iceweasel - security update | ||
| Description: | Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2986-1 CVE-2014-1544 CVE-2014-1547 CVE-2014-1555 CVE-2014-1556 CVE-2014-1557 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:25910 | |||
| Oval ID: | oval:org.mitre.oval:def:25910 | ||
| Title: | USN-2296-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2296-1 CVE-2014-1547 CVE-2014-1549 CVE-2014-1550 CVE-2014-1555 CVE-2014-1556 CVE-2014-1544 CVE-2014-1557 CVE-2014-1558 CVE-2014-1559 CVE-2014-1560 CVE-2014-1552 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26119 | |||
| Oval ID: | oval:org.mitre.oval:def:26119 | ||
| Title: | ELSA-2014-1246 -- nss and nspr security, bug fix, and enhancement update (Moderate) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. The nss and nspr packages have been upgraded to upstream version 3.16.1 and 4.10.6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1110857, BZ#1110860) This update also fixes the following bugs: * Previously, when the output.log file was not present on the system, the shell in the Network Security Services (NSS) specification handled test failures incorrectly as false positive test results. Consequently, certain utilities, such as "grep", could not handle failures properly. This update improves error detection in the specification file, and "grep" and other utilities now handle missing files or crashes as intended. (BZ#1035281) * Prior to this update, a subordinate Certificate Authority (CA) of the ANSSI agency incorrectly issued an intermediate certificate installed on a network monitoring device. As a consequence, the monitoring device was enabled to act as an MITM (Man in the Middle) proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control. The trust in the intermediate certificate to issue the certificate for an MITM device has been revoked, and such a device can no longer be used for MITM attacks. (BZ#1042684) * Due to a regression, MD5 certificates were rejected by default because Network Security Services (NSS) did not trust MD5 certificates. With this update, MD5 certificates are supported in Red Hat Enterprise Linux 5. (BZ#11015864) Users of nss and nspr are advised to upgrade to these updated packages, which correct these issues and add these enhancements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1246 CVE-2013-1740 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Oracle Linux 5 | Product(s): | nss |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26141 | |||
| Oval ID: | oval:org.mitre.oval:def:26141 | ||
| Title: | DSA-2994-1 -- nss - security update | ||
| Description: | Several vulnerabilities have been discovered in nss, the Mozilla Network Security Service library. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-2994-1 CVE-2013-1741 CVE-2013-5606 CVE-2014-1491 CVE-2014-1492 | Version: | 5 |
| Platform(s): | Debian GNU/Linux 7 Debian GNU/kFreeBSD 7 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26152 | |||
| Oval ID: | oval:org.mitre.oval:def:26152 | ||
| Title: | SUSE-SU-2014:1120-1 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1120-1 CVE-2014-1567 CVE-2014-1562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26168 | |||
| Oval ID: | oval:org.mitre.oval:def:26168 | ||
| Title: | RHSA-2014:1073: nss, nss-util, nss-softokn security, bug fix, and enhancement update (Low) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSLv3, TLS, and other security standards. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1073-00 CESA-2014:1073 CVE-2014-1492 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 7 CentOS Linux 7 | Product(s): | nss nss-softokn nss-util |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26268 | |||
| Oval ID: | oval:org.mitre.oval:def:26268 | ||
| Title: | USN-2343-1 -- nss vulnerability | ||
| Description: | NSS could be made to crash or run programs as your login if it processed a specially crafted certificate. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2343-1 CVE-2014-1544 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26273 | |||
| Oval ID: | oval:org.mitre.oval:def:26273 | ||
| Title: | SUSE-SU-2014:1112-2 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1112-2 CVE-2014-1567 CVE-2014-1562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26436 | |||
| Oval ID: | oval:org.mitre.oval:def:26436 | ||
| Title: | SUSE-SU-2014:1220-3 -- Security update for mozilla-nss | ||
| Description: | Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1220-3 CVE-2014-1568 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 10 | Product(s): | mozilla-nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26451 | |||
| Oval ID: | oval:org.mitre.oval:def:26451 | ||
| Title: | RHSA-2014:1246: nss and nspr security, bug fix, and enhancement update (Moderate) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A flaw was found in the way TLS False Start was implemented in NSS. An attacker could use this flaw to potentially return unencrypted information from the server. (CVE-2013-1740) A race condition was found in the way NSS implemented session ticket handling as specified by RFC 5077. An attacker could use this flaw to crash an application using NSS or, in rare cases, execute arbitrary code with the privileges of the user running that application. (CVE-2014-1490) It was found that NSS accepted weak Diffie-Hellman Key exchange (DHKE) parameters. This could possibly lead to weak encryption being used in communication between the client and the server. (CVE-2014-1491) An out-of-bounds write flaw was found in NSPR. A remote attacker could potentially use this flaw to crash an application using NSPR or, possibly, execute arbitrary code with the privileges of the user running that application. This NSPR flaw was not exposed to web content in any shipped version of Firefox. (CVE-2014-1545) It was found that the implementation of Internationalizing Domain Names in Applications (IDNA) hostname matching in NSS did not follow the RFC 6125 recommendations. This could lead to certain invalid certificates with international characters to be accepted as valid. (CVE-2014-1492) Red Hat would like to thank the Mozilla project for reporting the CVE-2014-1490, CVE-2014-1491, and CVE-2014-1545 issues. Upstream acknowledges Brian Smith as the original reporter of CVE-2014-1490, Antoine Delignat-Lavaud and Karthikeyan Bhargavan as the original reporters of CVE-2014-1491, and Abhishek Arya as the original reporter of CVE-2014-1545. The nss and nspr packages have been upgraded to upstream version 3.16.1 and 4.10.6 respectively, which provide a number of bug fixes and enhancements over the previous versions. (BZ#1110857, BZ#1110860) This update also fixes the following bugs: * Previously, when the output.log file was not present on the system, the shell in the Network Security Services (NSS) specification handled test failures incorrectly as false positive test results. Consequently, certain utilities, such as "grep", could not handle failures properly. This update improves error detection in the specification file, and "grep" and other utilities now handle missing files or crashes as intended. (BZ#1035281) * Prior to this update, a subordinate Certificate Authority (CA) of the ANSSI agency incorrectly issued an intermediate certificate installed on a network monitoring device. As a consequence, the monitoring device was enabled to act as an MITM (Man in the Middle) proxy performing traffic management of domain names or IP addresses that the certificate holder did not own or control. The trust in the intermediate certificate to issue the certificate for an MITM device has been revoked, and such a device can no longer be used for MITM attacks. (BZ#1042684) * Due to a regression, MD5 certificates were rejected by default because Network Security Services (NSS) did not trust MD5 certificates. With this update, MD5 certificates are supported in Red Hat Enterprise Linux 5. (BZ#11015864) Users of nss and nspr are advised to upgrade to these updated packages, which correct these issues and add these enhancements. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1246-00 CVE-2013-1740 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-1545 CESA-2014:1246 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26453 | |||
| Oval ID: | oval:org.mitre.oval:def:26453 | ||
| Title: | USN-2361-1 -- nss vulnerability | ||
| Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2361-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 Ubuntu 10.04 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26526 | |||
| Oval ID: | oval:org.mitre.oval:def:26526 | ||
| Title: | RHSA-2014:1145: thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1145-00 CESA-2014:1145 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 Red Hat Enterprise Linux 6 CentOS Linux 5 CentOS Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26530 | |||
| Oval ID: | oval:org.mitre.oval:def:26530 | ||
| Title: | USN-2329-1 -- firefox vulnerabilities | ||
| Description: | Firefox could be made to crash or run programs as your login if it opened a malicious website. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2329-1 CVE-2014-1553 CVE-2014-1554 CVE-2014-1562 CVE-2014-1563 CVE-2014-1564 CVE-2014-1565 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26573 | |||
| Oval ID: | oval:org.mitre.oval:def:26573 | ||
| Title: | RHSA-2014:1144: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1144-00 CESA-2014:1144 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26574 | |||
| Oval ID: | oval:org.mitre.oval:def:26574 | ||
| Title: | DSA-3033-1 nss - security update | ||
| Description: | Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library) was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3033-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26586 | |||
| Oval ID: | oval:org.mitre.oval:def:26586 | ||
| Title: | USN-2360-2 -- thunderbird vulnerabilities | ||
| Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2360-2 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26608 | |||
| Oval ID: | oval:org.mitre.oval:def:26608 | ||
| Title: | SUSE-SU-2014:1112-1 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1112-1 CVE-2014-1567 CVE-2014-1562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26637 | |||
| Oval ID: | oval:org.mitre.oval:def:26637 | ||
| Title: | DSA-3028-1 icedove - security update | ||
| Description: | Multiple security issues have been found in Icedove, Debian's version of the Mozilla Thunderbird mail and news client: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3028-1 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26643 | |||
| Oval ID: | oval:org.mitre.oval:def:26643 | ||
| Title: | DSA-3018-1 iceweasel - security update | ||
| Description: | Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors and use-after-frees may lead to the execution of arbitrary code or denial of service. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3018-1 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26699 | |||
| Oval ID: | oval:org.mitre.oval:def:26699 | ||
| Title: | SUSE-SU-2014:1107-1 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1107-1 CVE-2014-1567 CVE-2014-1562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26703 | |||
| Oval ID: | oval:org.mitre.oval:def:26703 | ||
| Title: | RHSA-2014:1047: nss nad nspr bug fix and enhancement update (Moderate) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1047-00 CVE-2013-1740 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-1545 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26709 | |||
| Oval ID: | oval:org.mitre.oval:def:26709 | ||
| Title: | SUSE-SU-2014:1220-4 -- Security update for mozilla-nss | ||
| Description: | Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1220-4 CVE-2014-1568 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | mozilla-nss |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26725 | |||
| Oval ID: | oval:org.mitre.oval:def:26725 | ||
| Title: | RHSA-2014:1307: nss security update (Important) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters. All NSS users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1307-00 CESA-2014:1307 CVE-2014-1568 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 7 CentOS Linux 6 CentOS Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26731 | |||
| Oval ID: | oval:org.mitre.oval:def:26731 | ||
| Title: | ELSA-2014-1145 -- thunderbird security update (Important) | ||
| Description: | Mozilla Thunderbird is a standalone mail and newsgroup client. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird. (CVE-2014-1562, CVE-2014-1567) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jan de Mooij as the original reporter of CVE-2014-1562, and regenrecht as the original reporter of CVE-2014-1567. Note: All of the above issues cannot be exploited by a specially crafted HTML mail message as JavaScript is disabled by default for mail messages. They could be exploited another way in Thunderbird, for example, when viewing the full remote content of an RSS feed. For technical details regarding these flaws, refer to the Mozilla security advisories for Thunderbird 24.8.0. You can find a link to the Mozilla advisories in the References section of this erratum. All Thunderbird users should upgrade to this updated package, which contains Thunderbird version 24.8.0, which corrects these issues. After installing the update, Thunderbird must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1145 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26747 | |||
| Oval ID: | oval:org.mitre.oval:def:26747 | ||
| Title: | DEPRECATED: ELSA-2014-0316 -- thunderbird security update (important) | ||
| Description: | [24.4.0-1.0.1] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [24.4.0-1] - Update to 24.4.0 | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-0316 CVE-2014-1493 CVE-2014-1497 CVE-2014-1505 CVE-2014-1508 CVE-2014-1509 CVE-2014-1510 CVE-2014-1511 CVE-2014-1512 CVE-2014-1513 CVE-2014-1514 | Version: | 4 |
| Platform(s): | Oracle Linux 5 Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26775 | |||
| Oval ID: | oval:org.mitre.oval:def:26775 | ||
| Title: | SUSE-SU-2014:1120-2 -- Security update for MozillaFirefox | ||
| Description: | Mozilla Firefox was updated to the 24.8.0ESR release, fixing security issues and bugs. Only some of the published security advisories affect the Mozilla Firefox 24ESR codestream: * MFSA 2014-72 / CVE-2014-1567: Security researcher regenrecht reported, via TippingPoint's Zero Day Initiative, a use-after-free during text layout when interacting with the setting of text direction. This results in a use-after-free which can lead to arbitrary code execution. * MFSA 2014-67: Mozilla developers and community identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be exploited to run arbitrary code. * Jan de Mooij reported a memory safety problem that affects Firefox ESR 24.7, ESR 31 and Firefox 31. (CVE-2014-1562) More information is referenced on: https://www.mozilla.org/security/announce/ <https://www.mozilla.org/security/announce/> . Security Issues: * CVE-2014-1567 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1567> * CVE-2014-1562 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1562> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1120-2 CVE-2014-1567 CVE-2014-1562 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 10 | Product(s): | MozillaFirefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26832 | |||
| Oval ID: | oval:org.mitre.oval:def:26832 | ||
| Title: | USN-2360-1 -- firefox vulnerabilities | ||
| Description: | Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2360-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26841 | |||
| Oval ID: | oval:org.mitre.oval:def:26841 | ||
| Title: | USN-2330-1 -- thunderbird vulnerabilities | ||
| Description: | Several security issues were fixed in Thunderbird. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2330-1 CVE-2014-1553 CVE-2014-1562 CVE-2014-1563 CVE-2014-1564 CVE-2014-1565 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26842 | |||
| Oval ID: | oval:org.mitre.oval:def:26842 | ||
| Title: | DSA-3034-1 iceweasel - security update | ||
| Description: | Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Iceweasel package), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3034-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | iceweasel |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26891 | |||
| Oval ID: | oval:org.mitre.oval:def:26891 | ||
| Title: | DSA-3037-1 icedove - security update | ||
| Description: | Antoine Delignat-Lavaud from Inria discovered an issue in the way NSS (the Mozilla Network Security Service library, embedded in Wheezy's Icedove), was parsing ASN.1 data used in signatures, making it vulnerable to a signature forgery attack. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-3037-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Debian GNU/Linux 7.0 Debian GNU/kFreeBSD 7.0 | Product(s): | icedove |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26899 | |||
| Oval ID: | oval:org.mitre.oval:def:26899 | ||
| Title: | RHSA-2014:1635: firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1574, CVE-2014-1578, CVE-2014-1581, CVE-2014-1576, CVE-2014-1577) A flaw was found in the Alarm API, which allows applications to schedule actions to be run in the future. A malicious web application could use this flaw to bypass cross-origin restrictions. (CVE-2014-1583) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Bobby Holley, Christian Holler, David Bolter, Byron Campen Jon Coppeard, Atte Kettunen, Holger Fuhrmannek, Abhishek Arya, regenrecht, and Boris Zbarsky as the original reporters of these issues. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 31.2.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 31.2.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | RHSA-2014:1635-00 CESA-2014:1635 CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1583 | Version: | 3 |
| Platform(s): | Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 5 CentOS Linux 5 CentOS Linux 6 CentOS Linux 7 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26948 | |||
| Oval ID: | oval:org.mitre.oval:def:26948 | ||
| Title: | SUSE-SU-2014:1220-2 -- Security update for mozilla-nss | ||
| Description: | Mozilla NSS was updated to 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1220-2 CVE-2014-1568 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 | Product(s): | mozilla-nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:26972 | |||
| Oval ID: | oval:org.mitre.oval:def:26972 | ||
| Title: | ELSA-2014-1647 -- thunderbird security update | ||
| Description: | [31.2.0-3.0.1.el6_5] - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js [31.2.0-3] - Enabled jemalloc on ppc(64) and s390(x) [31.2.0-2] - Update to 31.2.0 [31.1.1-2] - Sync preferences with Firefox [31.1.1-1] - Update to 31.1.1 [31.1.0-1] - Update to 31.1.0 [31.0-1] - Rebase to 31 ESR | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1647 CVE-2014-1574 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 | Version: | 4 |
| Platform(s): | Oracle Linux 6 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:26973 | |||
| Oval ID: | oval:org.mitre.oval:def:26973 | ||
| Title: | USN-2372-1 -- Firefox vulnerabilities | ||
| Description: | Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1574">CVE-2014-1574</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1575">CVE-2014-1575</a>) Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1576">CVE-2014-1576</a>) Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1577">CVE-2014-1577</a>) Abhishek Arya discovered an out-of-bounds write when buffering WebM video in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1578">CVE-2014-1578</a>) Michal Zalewski discovered that memory may not be correctly initialized when rendering a malformed GIF in to a canvas in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1580">CVE-2014-1580</a>) A use-after-free was discovered during text layout in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Firefox. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1581">CVE-2014-1581</a>) Patrick McManus and David Keeler discovered 2 issues that could result in certificate pinning being bypassed in some circumstances. An attacker with a fraudulent certificate could potentially exploit this conduct a man in the middle attack. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1582">CVE-2014-1582</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1584">CVE-2014-1584</a>) Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing via WebRTC in iframes, where video continues to be shared after being stopped and navigating to a new site doesn't turn off the camera. An attacker could potentially exploit this to access the camera without the user being aware. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1585">CVE-2014-1585</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1586">CVE-2014-1586</a>) Boris Zbarsky discovered that webapps could use the Alarm API to read the values of cross-origin references. If a user were tricked in to installing a specially crafter webapp, an attacker could potentially exploit this to bypass same-origin restrictions. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1583">CVE-2014-1583</a>) | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2372-1 CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1580 CVE-2014-1581 CVE-2014-1582 CVE-2014-1584 CVE-2014-1585 CVE-2014-1586 CVE-2014-1583 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | firefox |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27006 | |||
| Oval ID: | oval:org.mitre.oval:def:27006 | ||
| Title: | ELSA-2014-1144 -- firefox security update (Critical) | ||
| Description: | Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox. (CVE-2014-1562, CVE-2014-1567) Red Hat would like to thank the Mozilla project for reporting these issues. Upstream acknowledges Jan de Mooij as the original reporter of CVE-2014-1562, and regenrecht as the original reporter of CVE-2014-1567. For technical details regarding these flaws, refer to the Mozilla security advisories for Firefox 24.8.0 ESR. You can find a link to the Mozilla advisories in the References section of this erratum. All Firefox users should upgrade to these updated packages, which contain Firefox version 24.8.0 ESR, which corrects these issues. After installing the update, Firefox must be restarted for the changes to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1144 CVE-2014-1562 CVE-2014-1567 | Version: | 3 |
| Platform(s): | Oracle Linux 6 Oracle Linux 7 Oracle Linux 5 | Product(s): | firefox xulrunner |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27025 | |||
| Oval ID: | oval:org.mitre.oval:def:27025 | ||
| Title: | SUSE-SU-2014:1220-1 -- Security update for mozilla-nss | ||
| Description: | Mozilla NSS was updated to version 3.16.5 to fix a RSA certificate forgery issue. MFSA 2014-73 / CVE-2014-1568: Antoine Delignat-Lavaud, security researcher at Inria Paris in team Prosecco, reported an issue in Network Security Services (NSS) libraries affecting all versions. He discovered that NSS is vulnerable to a variant of a signature forgery attack previously published by Daniel Bleichenbacher. This is due to lenient parsing of ASN.1 values involved in a signature and could lead to the forging of RSA certificates. The Advanced Threat Research team at Intel Security also independently discovered and reported this issue. Security Issues: * CVE-2014-1568 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1568> | ||
| Family: | unix | Class: | patch |
| Reference(s): | SUSE-SU-2014:1220-1 CVE-2014-1568 | Version: | 3 |
| Platform(s): | SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11 | Product(s): | mozilla-nss |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27048 | |||
| Oval ID: | oval:org.mitre.oval:def:27048 | ||
| Title: | USN-2373-1 -- Thunderbird vulnerabilities | ||
| Description: | Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1574">CVE-2014-1574</a>) Atte Kettunen discovered a buffer overflow during CSS manipulation. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1576">CVE-2014-1576</a>) Holger Fuhrmannek discovered an out-of-bounds read with Web Audio. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to steal sensitive information. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1577">CVE-2014-1577</a>) Abhishek Arya discovered an out-of-bounds write when buffering WebM video in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1578">CVE-2014-1578</a>) A use-after-free was discovered during text layout in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking Thunderbird. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1581">CVE-2014-1581</a>) Eric Shepherd and Jan-Ivar Bruaroey discovered issues with video sharing via WebRTC in iframes, where video continues to be shared after being stopped and navigating to a new site doesn't turn off the camera. An attacker could potentially exploit this to access the camera without the user being aware. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1585">CVE-2014-1585</a>, <a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-1586">CVE-2014-1586</a>) | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-2373-1 CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1585 CVE-2014-1586 | Version: | 3 |
| Platform(s): | Ubuntu 14.04 Ubuntu 12.04 | Product(s): | thunderbird |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:27058 | |||
| Oval ID: | oval:org.mitre.oval:def:27058 | ||
| Title: | ELSA-2014-1307 -- nss security update (Important) | ||
| Description: | Network Security Services (NSS) is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime (NSPR) provides platform independence for non-GUI operating system facilities. A flaw was found in the way NSS parsed ASN.1 (Abstract Syntax Notation One) input from certain RSA signatures. A remote attacker could use this flaw to forge RSA certificates by providing a specially crafted signature to an application using NSS. (CVE-2014-1568) Red Hat would like to thank the Mozilla project for reporting this issue. Upstream acknowledges Antoine Delignat-Lavaud and Intel Product Security Incident Response Team as the original reporters. All NSS users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing this update, applications using NSS must be restarted for this update to take effect. | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2014-1307 CVE-2014-1568 | Version: | 3 |
| Platform(s): | Oracle Linux 7 Oracle Linux 5 Oracle Linux 6 | Product(s): | nss |
| Definition Synopsis: | |||
| |||